53 episodes

Data privacy is the footprint of our existence. It is our persona beyond ourselves, with traces of us scattered from birth certificates, Social Security numbers, shopping patterns, credit card histories, photographs, mugshots and health records. In a digital world, where memory is converted to 0’s and 1’s, then instantly transformed into a reproduction even in 3D, personal data is an urgent personal and collective subject. Those who wish to live anonymous lives must take extraordinary measures to succeed in that improbable quest, while those who hope for friendship or fame through the spread of their personal data must learn how to prevent theft of their identity and bank account.

If you have ideas for interviews or stories, please email info@thedataprivacydetective.com.

The internet in its blooming evolution makes personal data big business – for government, the private sector and denizens of the dark alike. The Data Privacy Detective explores how governments balance the interests of personal privacy with competing needs for public security, public health and other communal goods. It scans the globe for champions, villains, protectors and invaders of personal privacy and for the tools and technology used by individuals, business and government in the great competition between personal privacy and societal good order.

We’ll discuss how to guard our privacy by safeguarding the personal data we want to protect. We’ll aim to limit the access others can gain to your sensitive personal data while enjoying the convenience and power of smartphones, Facebook, Google, EBay, PayPal and thousands of devices and sites. We’ll explore how sinister forces seek to penetrate defenses to access data you don’t want them to have. We’ll discover how companies providing us services and devices collect, use and try to exploit or safeguard our personal data.

And we’ll keep up to date on how governments regulate personal data, including how they themselves create, use and disclose it in an effort to advance public goals in ways that vary dramatically from country to country. For the public good and personal privacy can be at odds. On one hand, governments try to deter terrorist incidents, theft, fraud and other criminal activity by accessing personal data, by collecting and analyzing health data to prevent and control disease and in other ways most people readily accept. On the other hand, many governments view personal privacy as a fundamental human right, with government as guardian of each citizen’s right to privacy. How authorities regulate data privacy is an ongoing balance of public and individual interests. We’ll report statutes, regulations, international agreements and court decisions that determine the balance in favor of one or more of the competing interests. And we’ll explore innovative efforts to transcend government control through blockchain and other technology.

In audio posts of 5 to 10 minutes each, you’ll get tips on how to protect your privacy, updates on government efforts to protect or invade personal data, and news of technological developments that shape the speed-of-bit world in which our personal data resides.

The laws governing legal advertising in some states require the following statements in any publication of this kind:

"THIS IS AN ADVERTISEMENT."

Data Privacy Detective - how data is regulated, managed, protected, collected, mined, stolen, defended and transcended. Joe Dehner - Global Data Privacy Lawyer

    • Technology
    • 2.0 • 1 Rating

Data privacy is the footprint of our existence. It is our persona beyond ourselves, with traces of us scattered from birth certificates, Social Security numbers, shopping patterns, credit card histories, photographs, mugshots and health records. In a digital world, where memory is converted to 0’s and 1’s, then instantly transformed into a reproduction even in 3D, personal data is an urgent personal and collective subject. Those who wish to live anonymous lives must take extraordinary measures to succeed in that improbable quest, while those who hope for friendship or fame through the spread of their personal data must learn how to prevent theft of their identity and bank account.

If you have ideas for interviews or stories, please email info@thedataprivacydetective.com.

The internet in its blooming evolution makes personal data big business – for government, the private sector and denizens of the dark alike. The Data Privacy Detective explores how governments balance the interests of personal privacy with competing needs for public security, public health and other communal goods. It scans the globe for champions, villains, protectors and invaders of personal privacy and for the tools and technology used by individuals, business and government in the great competition between personal privacy and societal good order.

We’ll discuss how to guard our privacy by safeguarding the personal data we want to protect. We’ll aim to limit the access others can gain to your sensitive personal data while enjoying the convenience and power of smartphones, Facebook, Google, EBay, PayPal and thousands of devices and sites. We’ll explore how sinister forces seek to penetrate defenses to access data you don’t want them to have. We’ll discover how companies providing us services and devices collect, use and try to exploit or safeguard our personal data.

And we’ll keep up to date on how governments regulate personal data, including how they themselves create, use and disclose it in an effort to advance public goals in ways that vary dramatically from country to country. For the public good and personal privacy can be at odds. On one hand, governments try to deter terrorist incidents, theft, fraud and other criminal activity by accessing personal data, by collecting and analyzing health data to prevent and control disease and in other ways most people readily accept. On the other hand, many governments view personal privacy as a fundamental human right, with government as guardian of each citizen’s right to privacy. How authorities regulate data privacy is an ongoing balance of public and individual interests. We’ll report statutes, regulations, international agreements and court decisions that determine the balance in favor of one or more of the competing interests. And we’ll explore innovative efforts to transcend government control through blockchain and other technology.

In audio posts of 5 to 10 minutes each, you’ll get tips on how to protect your privacy, updates on government efforts to protect or invade personal data, and news of technological developments that shape the speed-of-bit world in which our personal data resides.

The laws governing legal advertising in some states require the following statements in any publication of this kind:

"THIS IS AN ADVERTISEMENT."

    Episode 53 - Brazil’s New Personal Data Privacy Law

    Episode 53 - Brazil’s New Personal Data Privacy Law

    Brazil’s General Personal Data Protection Law or “LGPD” entered into force on September 18, 2020. In this podcast, Thiago Luís Santos Sombra of the prominent Brazilian law firm Mattos Filho, www.mattosfilho.com.br, explains the basic approach to personal data privacy of South America’s largest country.

    Highlights:
    • Brazil chose the European Union’s basic approach (GDPR), but there are differences between GDPR and LGPD.
    • Personal data is defined broadly to include identifiers such as email address, geo-location and similar information particular to a person.
    • Data mapping and risk assessment are the immediate steps a business should take that collects or processes personal data of Brazilians.
    • Companies must assess whether consent or legitimate interest is the basis of holding particular personal data and decide a compliant approach thereafter. Brazil’s Code is broader than GDPR in providing various bases to hold and process personal data. Businesses will look to express consent as a last resort rather than the first in complying with the law.
    • A privacy-compliant notice should be posted.
    • A prevention and emergency plan should be in place for handling breaches.
    • If a business is compliant with GDPR (or thinks it is), this does not guarantee Brazilian compliance, as there are differences from GDPR. There is probably more flexibility in Brazil for businesses than exists under GDPR, but until an Authority is in place, there is no regulator to discuss ambiguities or obtain advance guidance.
    • Cross-border transfers take the European approach, with no data localization as required by China, Russia, or India. The data protection authority to be appointed will need to issue standard contractual clauses or otherwise specify what is required. Brazil and the USA are already negotiating about data transfers, with no clear guidance from the Code about what is required of another country’s level of protection by law.
    • Data Protection Officers (DPO’s) must be appointed for controllers but not processors, with no threshold or de minimis test for this (unlike GDPR). No specific liability is specified for DPO’s, except for willful misconduct common to any relationship. DPO’s can be internal or outsourced. While there is no requirement that the DPO reside in Brazil, Portuguese language skill is practically essential for a DPO.
    • Regulations will follow in time. Individuals will need to be appointed to the Authority and approved by the legislature, with the aim of having an enforcement agency ready to act by August 2021.

    Because of Brazil’s prominent position as the giant of South America, one could expect an Iberian approach to personal data privacy throughout South America. Similar but not identical comprehensive codes exist in Chile, Colombia and many other South American countries.

    • 23 min
    Episode 52 - Data Brokers: How our Personal Information is Sold

    Episode 52 - Data Brokers: How our Personal Information is Sold

    Robo-calls, phishing, identity theft, ads we didn’t ask for – and worse. How does this happen? How does our personal data get collected, used and sold, without our knowing approval? Data brokers are a primary answer. They are businesses that collect, use, and sell blocks of personal information to a wide variety of buyers. This is not per se a shady business, though it may seem that way to those of us overwhelmed with constant interference by phone, email, pop-ups, and attacks aiming to disrupt our day or steal our assets or identity.

    Rob Shavell, CEO and co-founder of Abine, a 10-year-old privacy company, gives us a tour of data brokerage. Our personal data is collected in many ways. Some is virtually public – postal address, registered voter information, other ways in which details about us become publicly available. A lot of information about ourselves we contribute to the world – through social media posts, publicity, items we publish. There’s a tension between our instinct for privacy and the desire to be known, even famous if only for a day or two. Sensitive information is held by financial institutions, healthcare providers and others, who are generally restricted by federal and state law from sharing it with others but are themselves victims of a data breach. Information once disclosed becomes available to data brokers, who organize, package and sell the data to others interested in advertising to customers, monitoring behavior, analyzing groups or otherwise seeking data for their legitimate purposes (and otherwise.

    If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.

    • 25 min
    Episode 51 - Non - Personal Data - India Stakes A Claim On Owning and Regulating NPD

    Episode 51 - Non - Personal Data - India Stakes A Claim On Owning and Regulating NPD

    A July 2020 Indian Government Report calls for regulation of Non-Personal Data. Most data privacy laws aim to protect (or not) personal data of people, This Report raises the question whether the world is about to see an explosion of regulation of non-personal data, which could change the business of data and how information flows within and across national borders.

    Stephen Mathias, head of the Bangalore/Bengaluru office of Kochhar & Co., one of India’s largest law firms, first updates us on two ongoing data privacy topics and then explains a novel approach to non-personal data being considered by the world’s largest democracy.

    The Personal Data Protection Bill is advancing toward adoption by the Indian Parliament. Patterned on EU principles, the Bill if adopted in its current form would align India generally with GDPR concepts, though with a data localization approach different from EU rules for data sharing across borders.

    In August 2020 the Modi Government decreed as an emergency measure a ban of certain Chinese apps, grounded in concerns about how the personal data of Indian residents could be provided by the businesses with Chinese authorities. India joins the U.S. in using data and technology as a geopolitical tool against PRC actions that transcend data concerns. For Indian consumers and businesses that represent a large market for Chinese companies and provide services used by many Indian residents, this has raised a backlash from many using Chinese-sourced apps and concern from businesses about the retaliation. Will trade wars be supplemented by data wars? Stay tuned.

    If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.

    • 27 min
    Episode 50 - Intersection Of Cloud Computing And Data Privacy

    Episode 50 - Intersection Of Cloud Computing And Data Privacy

    Cloud computing offers a business the prospect of efficiency and savings by improving data storage capabilities and outsourcing computing resources that a business need not build for itself. But when data moves to the cloud, does this raise new troubles and make legal compliance more difficult? Or can it minimize risk and increase compliance with a dizzying array of global data privacy laws? How do cloud computing and data privacy compliance intersect?

    Lowell Thompson of Genity, a US-based company, discusses in this podcast how a cloud computing service can address this challenge and opportunity. Using encryption technology, Genity offers what it describes as data security by default that aims to bypass data privacy laws of Europe, California, Canada, and other countries.

    Major data breaches such as Equifax (2017) revealed weaknesses in internal business systems, in that case exposing sensitive personal information of 147 million people from several countries. As a business focused on data, a cloud provider must be attentive to cybersecurity and differing data privacy rules and so may be able to provide greater security and compliance than many businesses can expect of their own personnel and system.

    When a business contracts with a cloud computing services provider, it should consider several key issues: consent of data subjects, security, control and supervision, and server location. If a server resides in a jurisdiction that requires data localization or requires sharing data with government authorities, this can complicate a business’ data issues. The contract between a business and cloud services provider merits careful review to determine whether proceeding minimizes or increases the risk of data breach and inadvertent violations of differing state and national data privacy rules.

    Cloud computing has its benefits. But you don’t want a cloud to turn dark with thunder and lightning. Explore the intersection of cloud computing and data privacy in this podcast.

    If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.

    • 13 min
    Episode 49 - Hong Kong: What Impact Of The National Security Law

    Episode 49 - Hong Kong: What Impact Of The National Security Law

    On June 30, 2020 China enacted a National Security Law applicable in Hong Kong. The UK and USA governments reacted negatively, stoking fears that this could mean the end of the one-country-two systems concept. Front-page news abounds about the meaning, the reach, and the political implications.

    But what about business and normal life, about Hong Kong’s role as a global financial and technology center? How does one understand the impact on data privacy? Does this mean a replacement of Hong Kong law or will it be Hong Kong business as usual? In this podcast Pádraig Walsh of Tanner De Witt Solicitors, a leading Hong Kong law firm, guides us.

    If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.

    • 13 min
    Episode 48 - Colombia and Data Privacy

    Episode 48 - Colombia and Data Privacy

    Colombia made personal privacy a fundamental right in its 1991 Constitution. A 2008 law protected personal financial information, and in 2012 Colombia adopted Law 1581, a broad code across all sectors, modeled generally on the European/Iberian approach.

    Angela María Noguera Moreno, of counsel with the Colombian law firm of Vanegas Morales Consultores and an IAPP-certified Information Privacy Professional/Europe, explains in this podcast the Colombian approach to protecting personal data. Colombia requires all businesses to protect personal data. Consent of the data subject, the individual, is the keystone requirement. All controllers and processors of personal data must comply with the requirements of Law 1581 and decrees that function as regulations implementing the code. Responsible parties are both controllers and processors of personal data. Personal data categories include not only sensitive (financial, medical, religious, political) and non-sensitive (business or email address) types of data, but what Colombia calls “semi-private” data, such as information about an individual’s credit history.

    The data protection authority is the Superintendence of Industry & Commerce, which can levy fines and even close a business for violating data privacy laws.

    Colombia is now in a transition from formalistic compliance (posting website notices and policies) to a compliant society that protects personal data in practice. Superintendence officials expect compliance beyond simply posting policies. This is an approach under way generally in South America, though some countries like Ecuador and Panama did not adopt a general law until 2019. Listen to this podcast for an overview of how this important South American country aims to protect personal data privacy.

    If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.

    • 20 min

Customer Reviews

2.0 out of 5
1 Rating

1 Rating

1000mk5 ,

Awful audio

Why would anyone go to the effort of making a podcast with audio that makes the presenter sound like he has his head stuck in a can.
Truly terrible.

Dear Presenter, do yourself and everyone a favour, ditch the condenser mic and invest in a half decent dynamic because your audio ruins your show.

Top Podcasts In Technology

Listeners Also Subscribed To